2015年1月27日星期二

VirtualBox_008:Oracle VM VirtualBox使用指南之八:如何设置Host-Only网络?

环境:MAC OS X 10.10.1 (主机)+ RHEL 6.6(客机)

MAC 下安装VirtualBox后,默认是无法使用Host-Only网络模式的,需要做以下步骤。

1. 点击菜单VirtualBox->偏好设置->网络->仅主机(Host-Only)网络
增加一个 Host-Only 网络,比如vboxnet0。



2. 选择一个虚机,设置其网络,选择Host-Only网络


参考文献:
1. http://wenku.baidu.com/link?url=qS7ttV7St-9u6KdLCCbsNt1lLBciu_S98ntEtGX0-PJufpOgS59Kk9Qcfls1d17MaWTHg4snFBIGgXgwc92fibDuiM7rUWbRn34sSd2SXxu

2015年1月19日星期一

Linux_100:常用命令之二十七:man

man命令可以查看命令的帮助信息。
格式:man [command]
比如:man curl

操作说明:
(1)q 退出
(2)Enter 即回车键 下翻一行
(3)Space 即空格键 下翻一页
(4)b 上翻一页
(5)/ 后面跟一个字符串 + Enter 即回车键 查找字符串
(6)n 发现上一次查找的下一个匹配


2015年1月9日星期五

VirtualBox_007:Oracle VM VirtualBox使用指南之七:如何给虚机增加硬盘?

 环境:MAC OS X 10.10.1 (主机)+ RHEL 6.6(客机)

1. 关掉虚机的情况下,在SATA控制器下再添加一块SCSI硬盘



注意,如果之前添加过同名硬盘,比如这里是NewVirtualDisk1.vdi,需要手工删除RHEL 6.6.vbox和RHEL 6.6.vbox-prev文件中的这一行:
<HardDisk uuid="{2f4ec1d3-88ac-4271-97a0-0e92e326f906}" location="NewVirtualDisk1.vdi" format="VDI" type="Normal">
并且手工删除NewVirtualDisk1.vdi文件。

2.  启动虚机
(1)# fdisk -l
应该可以看到新增加的硬盘:
Disk /dev/sdb: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
(2)# fdisk /dev/sdb
对/dev/sdb进行分区,先后输入n,p,1,w。
(3)# fdisk -l
应该可以看到/dev/sdb已经被分区:
Disk /dev/sdb: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x5e6ddca6

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1        1044     8385898+  83  Linux
(4)# mkfs -t ext4 /dev/sdb1
格式化分区/dev/sdb1。
(5)# mkdir -p /mnt/newdisk1
(6)# mount /dev/sdb1 /mnt/newdisk1
挂载/dev/sdb1到/mnt/newdisk1目录
运行# df -TH 检查一下
Filesystem           Type     Size  Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root
                     ext4      19G  4.0G   14G  23% /
tmpfs                tmpfs    985M  238k  985M   1% /dev/shm
/dev/sda1            ext4     500M   35M  439M   8% /boot
Share                vboxsf   500G  405G   95G  81% /media/sf_Share
/dev/sr0             iso9660   59M   59M     0 100% /media/VBOXADDITIONS_4.3.20_96996
/dev/sr1             iso9660  3.8G  3.8G     0 100% /media/RHEL-6.6 Server.x86_64
/dev/sdb1            ext4     8.4G   19M  7.9G   1% /mnt/newdisk1

现在可以使用新增加的硬盘了。

参考文献:
1. http://blog.csdn.net/ganshuyu/article/details/17954733


2015年1月4日星期日

Cloud_025:AWS EC2 下安装PPTP VPN服务

首先远程连接到AWS  EC2实例,然后按照以下步骤。

1. wget http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/pptpd-1.4.0-1.el6.x86_64.rpm
如果没有wget命令,使用curl命令也可以,
curl -O http://poptop.sourceforge.net/yum/stable/rhel6/x86_64/pptpd-1.4.0-1.el6.x86_64.rpm

2. yum localinstall pptpd-1.4.0-1.el6.x86_64.rpm

3. sudo vim /etc/pptpd.conf,增加如下内容:
localip     192.168.9.1
remoteip    192.168.9.11-30

4. sudo vim /etc/ppp/options.pptpd,增加如下内容:
ms-dns    8.8.8.8
ms-dns    8.8.4.4

5. sudo vim /etc/ppp/chap-secrets,增加如下内容:
maping pptpd 123456 *

6. sudo vim /etc/sysctl.conf,设置 net.ipv4.ip_forward = 1

7. sudo /sbin/sysctl -p

8. sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

9. sudo vim /etc/rc.local

10. sudo /etc/init.d/pptpd restart

11.  sudo chkconfig pptpd on

12. 在MAC下,连接VPN




虽然配置成功了VPN,但依然无法翻墙,不知道是不是PPTP本身被墙的缘故。

参考文献:
1. http://blog.banban.me/blog/2014/06/09/li-yong-awsmian-fei-zhang-hu-da-jian-vpn/
2. http://www.yzhang.net/blog/2013-03-07-pptp-vpn-ec2.html

Linux_099:RHEL6下安装Samba服务

环境:RHEL 6.6

RHEL6默认没有安装Samba服务,需要手工安装。
首先挂载RHEL 6.6 iso,然后进入Packages目录。

1. 安装samba
# rpm -ivh samba-3.6.23-12.el6.x86_64.rpm
warning: samba-3.6.23-12.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:samba                  ########################################### [100%]

2. 安装samba-client
# rpm -ivh samba-client-3.6.23-12.el6.x86_64.rpm
warning: samba-client-3.6.23-12.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
    package samba-client-0:3.6.23-12.el6.x86_64 is already installed

3. 创建共享目录,并改变目录属主为nobody
(1)# mkdir -p /share/docs
(2)# chown nobody:nobody /share/docs -R

4. 修改/etc/samba/smb.conf,修改后内容如下:

[global]
workgroup = WORKGROUP
server string = MaPing Samba Server Version %v
netbios name = RHEL 6.6 Server
log file = /var/log/samba/log.%m
security = share
[public]
comment = shared docs
path = /share/docs
public = yes
browseable = yes
writeable = yes

5. 设置防火墙,开启port:139和port:445
# vim /etc/sysconfig/iptables
修改后的文件内容如下:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

6.  disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


7. 重启samba服务
 (1)service  smb restart
 (2)chkconfig --level 35 smb on

8. 在Windows 7 机器上访问共享目录
(1)可以直接在地址栏输入:\\192.168.0.105\public
(2)在命令行窗口输入:net view \\192.168.0.105,连接成功后,会输出Server以及共享目录信息。
执行 net use H: \\192.168.0.105\public,将共享目录映射为驱动器H。
试一试,应该可以向共享目录中读写文件。

9. 在Linux 机器上访问共享目录
smbclient //192.168.0.105/public

参考文献:
1. http://www.it165.net/os/html/201312/7021.html

Cloud_024:AWS下搭建免费的WordPress

1. 注册AWS账户
参考文献1。

2. 进入EC2 Dashboard,点击Launce Instance
 (1) 选择Amazon Linux AMI。
 (2) 在Add Storage步骤,设置30G的存储空间大小
 (3) 选择Launce Instances,会提示你创建或选择Key Pair,选择创建。
启动后,就有一个EC 2 实例,可以访问了。
 (4)为了有一个固定的公网IP地址,将EC 2实例绑定到一个Elastic IP 。

3. 远程连接EC 2 实例
 (1)把下载的.pem私钥移动到~/.ssh目录,并进入~/.ssh目录。
 (2)chmod 600 maping-aws-ami.pem
 (3)ssh -i maping-aws-ami.pem ec2-user@54.65.157.224

4. 安装WordPress
远程连接到EC 2 实例后, 执行如下命令:
 (1)sudo yum -y install httpd php mysql mysql-server php-mysql
 (2)sudo chkconfig httpd on
 (3)sudo chkconfig mysqld on
 (4)修改inbound rules,增加 80、3306、3389端口



WordPress具体安装步骤,请参考《RHEL6下搭建WordPress网站》。

重启EC 2 实例,访问http://54.65.157.224/



参考文献:
1. http://blog.banban.me/blog/2014/06/09/li-yong-awsmian-fei-zhang-hu-da-jian-vpn/
2. http://liudanking.me/beautiful-life/aws-ec2-wordpress_blog/
3. http://www.cnblogs.com/vamei/archive/2012/12/04/2799381.html

2015年1月3日星期六

Linux_098:下载指定的软件 repo

环境:RHEL 6.7

这里以下载 JBoss EAP 和 JBoss Web Server 为例说明如何下载 repo。

访问 https://access.redhat.com/downloads/content/package-browser,根据关键字查找软件,比如:eap6 或 jws3。
输入 jws3,会显示 jboss web server 3 的有关软件包,如下图:

随便选一个组件,点击右边的 X86_64,显示如下画面:

可以看到 JBoss Enterprise Web Server 3 for RHEL 6 x86_64 是软件名称,
jws-3-for-rhel-6-server-rpms 就是 repo label。

点击软件名称,可以选择不同的版本,如下图所示:

接下来就可以下载指定的 repo 了。

subscription-manager register;

subscription-manager list --available;

subscription-manager attach --pool=< your-pool-id >

subscription-manager repos --disable="*"

subscription-manager repos \
    --enable="rhel-6-server-rpms" \
    --enable="jb-eap-7.0-for-rhel-6-server-rpms" \
    --enable="jb-eap-6.4-for-rhel-6-server-rpms" \
    --enable="jb-eap-6.3-for-rhel-6-server-rpms" \
    --enable="jws-3-for-rhel-6-server-rpms" \
    --enable="jb-ews-2-for-rhel-6-server-rpms"

yum install -y yum-utils;

reposync -r jb-eap-7.0-for-rhel-6-server-rpms -p ./;
reposync -r jb-eap-6.4-for-rhel-6-server-rpms -p ./;
reposync -r jb-eap-6.3-for-rhel-6-server-rpms -p ./;
reposync -r jws-3-for-rhel-6-server-rpms -p ./;
reposync -r jb-ews-2-for-rhel-6-server-rpms -p ./;

MAC_024:解决MAC下没有ssh-copy-id的问题

环境:MAC OS X 10.10.1

解决的方法很简单,运行 brew install ssh-copy-id就行了,关于brew的安装,请参考《MAC下安装Homebrew》 。

运行brew install ssh-copy-id 时,报出以下错误:
/usr/local/bin/brew: /usr/local/Library/brew.rb: /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/bin/ruby: bad interpreter: No such file or directory
/usr/local/bin/brew: line 23: /usr/local/Library/brew.rb: Undefined error: 0

查看后,发现是因为MAC升级到10.10后,升级了Ruby到2.0,而/usr/local/Library/brew.rb文件中的第一行使用的是1.8版本,把1.8改成2.0就好了。
#!/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/bin/ruby -W0

参考文献:
1. http://wz102.blog.51cto.com/3588520/1566009

Linux_097:RHEL6下安装OpenSSH服务

环境:RHEL 6.6


RHEL 6.6 默认已经安装了OpenSSH服务,无需手工安装。
如果不确认是否已经安装了OpenSSH服务,可以运行 rpm -qa openssh-server 查看。
如果不确认是否已经安装了OpenSSH客户端,可以运行 rpm -qa openssh-clients 查看。

首先,增加RHEL 6.6 iso作为本地YUM源,并进入Packages目录。

1. 安装openssh-server
 # rpm -ivh openssh-server*.rpm


2. 安装openssh-clients
 # rpm -ivh openssh-clients*.rpm

3. 测试:ssh [username@ip_address]
例1:ssh maping@192.168.0.105


Linux_096:RHEL6下安装telnet服务

环境:RHEL 6.6

RHEL 6.6 默认没有安装telnet服务,需要手工安装。
如果不确认是否已经安装了telnet服务,可以运行 rpm -qa telnet-server 查看。
首先,增加RHEL 6.6 iso作为本地YUM源,并进入Packages目录。

1. 安装xinetd
# rpm -ivh xinetd-2.3.14-39.el6_4.x86_64.rpm
warning: xinetd-2.3.14-39.el6_4.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:xinetd                 ########################################### [100%]

2. 安装telnet-server
# rpm -ivh telnet-server-0.17-48.el6.x86_64.rpm
warning: telnet-server-0.17-48.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:telnet-server          ########################################### [100%]

3. 安装telnet 
# rpm -ivh telnet-0.17-48.el6.x86_64.rpm
warning: telnet-0.17-48.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:telnet                 ########################################### [100%]

4.  设置防火墙,开启port:23
# vim /etc/sysconfig/iptables
修改后的文件内容如下:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

5.  disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

6. # chkconfig --level 35 telnet on,重启机器。

7. 测试:telnet [IP地址] [Port]
除了测试 telnet 默认的port:23,telnet 还可以用来测试任意远程主机的任意端口是否开启。
例1:telnet 192.168.0.105 8080
Trying 192.168.0.105...
Connected to 192.168.0.105.
Escape character is '^]'.
表示IP地址为192.168.0.105的机器的8080 端口开启。

例2: telnet 192.168.0.105 7777
Trying 192.168.0.105...
telnet: connect to address 192.168.0.105: Connection refused
telnet: Unable to connect to remote host
表示IP地址为192.168.0.105的机器的7777 端口未开启。

参考文献:
1. http://woshixy.blog.51cto.com/5637578/1279126
2. http://zoulu1.blog.163.com/blog/static/46733149201252752125837

Linux_095:RHEL6下安装vsftpd服务

运行环境:RHEL 6.6

首先安装RHEL 6.6,并且设置RHEL 6.6 iso作为本地YUM源。

1. 找到vsftpd软件
vsftpd(very secure FTP daemon)软件就在RHEL 6.6 iso中,挂载后,进入Packages目录,
# ls *ftp*
ftp-0.17-54.el6.x86_64.rpm            tftp-0.49-7.el6.x86_64.rpm
gvfs-obexftp-1.4.3-18.el6.x86_64.rpm  tftp-server-0.49-7.el6.x86_64.rpm
lftp-4.0.9-1.el6_5.1.i686.rpm         vsftpd-2.2.2-12.el6_5.1.x86_64.rpm
lftp-4.0.9-1.el6_5.1.x86_64.rpm

2. 安装vsftpd
# rpm -ivh vsftpd-2.2.2-12.el6_5.1.x86_64.rpm
warning: vsftpd-2.2.2-12.el6_5.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
Preparing...                ########################################### [100%]
   1:vsftpd                 ########################################### [100%]

# rpm -qa | grep vsftpd
vsftpd-2.2.2-12.el6_5.1.x86_64

3. 启动vsftpd
# service vsftpd start
# chkconfig --level 35 vsftpd on

4.  disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

5.  设置防火墙,开启port:20和port:21
# vim /etc/sysconfig/iptables
修改后的文件内容如下: 

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

6. 如果需要使用root账户登录ftp,需要修改以下两个文件
  # vim /etc/vsftpd.ftpusers, 注释root这一行
  # vim /etc/vsftpd.user_list,注释root这一行
 
7. 重启机器
# netstat -an | grep 21
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN

8. 使用FileZilla连接


这样设置后,连接时会报告一个错误:     无法建立数据连接:ECONNREFUSED - 连接被服务器拒绝。
需要把传输模式设置为“主动”。




参考文献:
1. http://blog.csdn.net/ft1512975/article/details/6620227
2. http://meiyitianabc.blog.163.com/blog/static/1050221272013111393315536/
3. http://blog.163.com/yxhui_cool/blog/static/770197702010712516841/

2015年1月2日星期五

Linux_094:RHEL6下搭建WordPress网站

运行环境:RHEL 6.6

WordPress是基于PHP的博客架设工具。它提供了一套开源的PHP代码以方便用户在支持PHP的主机上快速的建立博客。WordPress的作者Matt Mullenweg。作为一个狂热的博客爱好者,他深感当时博客产品的不足,从而开发了WordPress。WordPress有很好的图形化管理页面。所以,即使不懂html/css/javascript,也可以创建出一个成熟美观的博客。

首先安装好LAMP环境,具体请参考《RHEL6下使用YUM安装LAMP环境 》。

1. 下载WordPress:https://wordpress.org/download/

2. 为WordPress创建数据库
(1)mysql -uroot -p
(2)mysql> create database wordpress;

3. 解压安装WordPress到/var/www/html目录
安装前最好备份/var/www/html目录下的文件并移除到其它地方。


4. 访问:http://localhost,开始进行Web方式安装WordPress。








出现如上提示是因为没有设置/var/www/html目录权限。执行如下命令:
(1)# chown apache.apache -R /var/www/html
(2)# chmod 700 -R /var/www/html/





点击安装,然后访问http://localhost,WordPress网站搭建完毕!

问题1:由于我使用的DHCP方式获取的IP地址,IP地址改变后,发现WordPress网站访问有问题。
解决办法:修改数据库wordpress中的表wp_options中的siteurl,这里写死了安装时的IP地址。
# mysql -uroot -p
mysql>use wordpress;
mysql>show tables;
mysql>desc wp_options;
mysql>select * from wp_options where option_name='siteurl';
mysql>update wp_options set option_value='http://100.91.59.10' where option_name='siteurl' ;
按新的IP地址访问,这次应该页面显示正常了:



参考文献:
1. http://www.cnblogs.com/vamei/archive/2012/12/04/2799381.html
2. http://www.it165.net/admin/html/201401/2302.html
3.  http://www.567tx.com/post-615.html
4. http://zhidao.baidu.com/link?url=FrRo3m3aUHsCn5TX0SZI9ZLM6pEVpdWxFExE_NBGpOkEP-tPWdIqBlZqhXCIM6nfgdatH5kluyBtaxgtRw10LOyN3ffuw0rLci4Ki2gq7re

Linux_093:使用EPEL源YUM安装PyYAML

运行环境:RHEL 7

需要在RHEL 7下安装PyYAML软件,添加了RHEL 7 iso本地源,依然报告无法找到PyYAML安装包,于是求助EPEL。

EPEL(Extra Packages for Enterprise Linux)是由 Fedora Project 推出的免费的软件包,为 RHEL 及其衍生发行版如 CentOS、Scientific Linux 等提供高质量、高性能、高可靠性的软件包,对 RHEL 标准 YUM 源是一个很好的补充,完全免费使用。

官网地址:http://fedoraproject.org/wiki/EPEL。

找到这一行:
If you are running an EL7 version, please visit here to get the newest 'epel-release' package for EL7: The newest version of 'epel-release' for EL7。
并点击进入下一页面,下载文件:epel-release-7-5.noarch。

1. 执行 # rpm -ivh epel-release-7-5.noarch
执行后,会在/etc/yum.repos.d/目录下生成两个.repo文件

(1)/etc/yum.repos.d/epel.repo              正式版,所有的软件都是稳定可以信赖的
(2)/etc/yum.repos.d/epel-testing.repo  测试版
默认情况下,只有正式版是有效状态的,如果你想试试测试版的话,需要修改/etc/yum.repos.d/epel-testing.repo,把enabled=0改成enabled=1即可。

2. 导入Key:# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

3.  执行 # yum install yum-priorities

4. 再执行 yum install PyYAML,这次应该能够找到软件包了。

参考文献:
1. http://www.codesky.net/article/201110/170019.html
2. http://www.linuxidc.com/Linux/2012-10/71850.htm

2015年1月1日星期四

Linux_092:RHEL6下使用YUM安装LAMP环境

环境:RHEL 6.6

首先安装好RHEL6.6,并将RHEL6.6的iso文件作为本地YUM源。

1. 设置防火墙,开启mysql port:3306 apache port:80
# vim /etc/sysconfig/iptables
修改后的文件内容如下:


# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

2. disable SELinux
# vim /etc/selinux/config
修改后的文件内容如下:

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted


3. 安装Apache httpd 服务
(1)# rpm -qa|grep httpd
(2)# yum install httpd -y
(3)# vim /etc/httpd/conf/httpd.conf
修改 276行,内容如下:
ServerName localhost
(4)# chkconfig --level 35 httpd on
(5)# /etc/init.d/httpd restart


4. 安装MySQL服务
(1)# yum install mysql mysql-server -y
(2)# /etc/init.d/mysqld start
(3)# chkconfig --level 35 mysqld on
(4)拷贝配置文件、设置MySQL的root账户密码(该root非Linux账户root)
         # cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
         # mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

5. 安装PHP
(1)#yum install php php-mysql -y
(2)# vim /var/www/html/index.php
内容如下:
<?php
phpinfo();
?>
(3)# /etc/init.d/httpd restart

6. 访问http://localhost


参考文献:
1. http://www.it165.net/admin/html/201401/2302.html
2. http://wenku.baidu.com/link?url=Aq-nzbul5b84FGL290LIHyQjaL4UZT-md4OfOLp2sQU2fWMNhDK6JXCjtlJtLXg3KpCddTnsGptmvDmyQut6qckAqK97zAkfwQ-SprVIWl
3. http://zhidao.baidu.com/link?url=FrRo3m3aUHsCn5TX0SZI9ZLM6pEVpdWxFExE_NBGpOkEP-tPWdIqBlZqhXCIM6nfgdatH5kluyBtaxgtRw10LOyN3ffuw0rLci4Ki2gq7re